Malicious attachments attacking devices
January 3, 2018
Researchers have warned of the latest development in cyber-crime, coming via email.
There is a growing risk of cyber-crime from hackers launching attacks containing malicious attachments, that appear as if they are coming from the network printer, reports SC Media UK. Researchers for Barracuda first witnessed such an attack towards the end of November last year, and shortly afterwards they detected “millions of attempts” to infect users’ devices via email.
In a blog post, the researchers explained: “Receiving a PDF attachment in an email sent by a printer is so commonplace that many users assume the document is completely safe. From a social engineering perspective, this is exactly the response that the cyber-criminals want.”
Attackers are choosing PDF-generating devices, the researchers added, because due to the assumption that they are safe, they can be more effectively weaponised to deliver actively harmful contents.
The emails in question contained a subject line similar to ‘Scanned from HP’, or Epson or Canon – brands that users trust, according to the researchers – and contained a malicious file attachment with techniques designed to avoid detection – for instance, modified file names allowing it to imitate a .jpg or .txt format. The malware was then able to enjoy unrestricted access to a user’s device, including the ability to browse and copy files, change settings and observe user behaviour.
Barracuda’s researchers’ recommendations for preventing these attacks include not clicking anything suspicious, and checking with the sender to ascertain whether or not it is genuine, should they receive any unexpected files. They also suggest hovering the mouse over any hyperlinks to double-check where they lead, and familiarising oneself with advance threat protection.
Categories : Around the Industry
